Pegasus: Facts About the Large-Scale Cyber ​​Surveillance Spyware

It is so efficient that it costs 8 million euros: the Pegasus surveillance software returns to the headlines for spying on 180 journalists and thousands of human rights activists.

The news, disseminated by the NGO Forbidden Stories and by Amnesty International and reported by 17 newspapers, is shaking half the world because it also involves politicians and heads of state and, as Edward Snowden has already stated, could represent the biggest violation of privacy by times of Prism, the US electronic surveillance program he unveiled in 2013.

Let’s go in order: Pegasus, from the name of the winged horse of Greek mythology, is a surveillance software produced by an Israeli company, the Nso Group , for anti-crime and anti-terrorism purposes, on which the government of Naftali Bennet, like the previous ones, maintains strict control.

Pegasus is designed to collect text messages, intercept phone calls, geo-locate the user and copy their passwords. This is why it has been used by many governments in the past to monitor the activities of anyone who, according to them, could represent a danger to national security.

But the Pegasus software was also used to stalk journalist Jamal Khashoggi, murdered by Saudi intelligence according to the Americans, and about 20 members of his family, including a close collaborator who later fled to Canada. But it is not the first time that it has been in the spotlight: since 2016 Amnesty International and the Citizen Lab of Toronto have denounced its illicit use against privacy lawyers and human and civil rights activists in 45 countries around the world. , from Egypt to Mexico.

This time, as reported by the Amnesty Security Tech Lab, led by the Italian Claudio Guarnieri, it would have served to monitor over 50 thousand telephone users of journalists, politicians, lawyers, and even 13 heads of state (including 3 Europeans) by the governments of Mexico, India, Morocco, Indonesia, Rwanda, Togo and even from Orban’s Hungary, which would use it to control opponents; 15 thousand users are Mexican and among these is that of a journalist killed in 2018, Cecilio Pineda Birto.

The news was reported by the Guardian, the New York Times, the Associated Press, Reuters and other international newspapers.

How Pegasus Works

For Claudio Guarnieri once a phone is infected with Pegasus, an Nso customer could not only take control of it but also read encrypted messages on WhatsApp, Telegram and Signal and track a person’s past movements and its position in real-time, with maximum precision, for example by establishing the direction and speed in which it travels by car.

In short: it had to be a tool against organized crime and terrorism, but with these characteristics, Pegasus can be used like any spyware.

Like other spy software, Pegasus is inoculated into the victim’s phone as a result of the user’s action and from that moment is able to forward emails, photos and videos to those who control the hacked phone, remotely, also being able to activate the microphone and the camera. This applies to all phones, even those that are particularly secure such as the iPhone. And apparently, it would be able to read any type of chat, even if done with apps with end-to-end encryption, which encrypts it from the sender to the receiver. In the case of Pegasus, its programmers would have exploited the vulnerabilities of the software it interacts with. These are often 0-Day, “known 0-day” software vulnerabilities, that is, unknown to the rest of the world, and which, sold and bought both in criminal circuits and through legal brokerage agencies, once discovered, are exploited to open the door to spy software.

It gets worse: for Guarnieri’s team, Nso technology makes it possible to penetrate phones with “zero-click attacks, that is, without a user having to click on a malicious link to get infected, while also finding evidence that Nso would have exploited the vulnerabilities associated with iMessage, which is installed on all iPhones.

According to Snowden, this is the story of the year. With important legal and political implications. In fact, the lawsuit between Facebook and the Nso is still standing, considered by Zuckerberg’s lawyers to be responsible for hacking 1400 WhatsApp users. Thesis denied by the Israelis of Nso, who reacted to the accusation last year by counterattacking: according to the CEO of the company, two representatives of Facebook would have approached their executives in 2017 to buy the rights to use the surveillance software and monitor their users. Nso has invoked immunity to close the case, but in April two judges considered the request of the IT company premature.

Pegasus spyware was first discovered on iPhones in 2016, exploiting a vulnerability that was activated by clicking on a missed call from WhatsApp (it came from a Swedish prefix) capable of inoculating surveillance software, controlling the microphone and the camera. phone, collecting passwords and rummaging through photos and emails: Apple released an update in August 2016 aimed at closing the vulnerabilities. The same happened with Android devices.